CVE-2025-1144: Quanxun School Affairs System - Exposure of Sensitive Information

9.8 CVSS

Description

School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing unauthenticated attackers to view specific pages and obtain database information as well as plaintext administrator credentials.

Classification

CVE ID: CVE-2025-1144

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor: Quanxun

Product: School Affairs System

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.94% (scored less or equal to compared to others)

EPSS Date: 2025-03-12 (when was this score calculated)

References

https://www.twcert.org.tw/tw/cp-132-8415-853e0-1.html
https://www.twcert.org.tw/en/cp-139-8416-b6cba-2.html

Timeline

2025-02-12 00:31:34 UTC
CVE

Quanxun School Affairs System - Exposure of Sensitive Information